Untitled Diff

69 removals
94 lines
48 additions
60 lines
upstream backend {
# This block is useful for debugging TLS v1.3. Please feel free to remove this
server 10.10.10.2:8065;
# and use the `$ssl_early_data` variable exposed by nginx directly should you
keepalive 32;
# wish to do so.
map $ssl_early_data $tls1_3_early_data {
"~." $ssl_early_data;
default "";
}
}


proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=mattermost_cache:10m max_size=3g inactive=120m use_temp_path=off;
proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=mattermost_cache:10m max_size=3g inactive=120m use_temp_path=off;


server {
server {
listen 80 default_server;
listen 443 ssl http2;
server_name mattermost.example.com;
return 301 https://$server_name$request_uri;
}

server {
listen 443 ssl http2;
server_name mattermost.example.com;

http2_push_preload on; # Enable HTTP/2 Server Push

ssl on;
ssl_certificate /etc/letsencrypt/live/{domain-name}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/{domain-name}/privkey.pem;
ssl_session_timeout 1d;

# Enable TLS versions (TLSv1.3 is required upcoming HTTP/3 QUIC).
ssl_protocols TLSv1.2 TLSv1.3;


# Enable TLSv1.3's 0-RTT. Use $ssl_early_data when reverse proxying to
[...] # other settings
# prevent replay attacks.
#
# @see: https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_early_data
ssl_early_data on;


ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
proxy_http_version 1.1;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:50m;
# HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
add_header Strict-Transport-Security max-age=15768000;
# OCSP Stapling ---
# fetch OCSP records from URL in ssl_certificate and cache them
ssl_stapling on;
ssl_stapling_verify on;


add_header X-Early-Data $tls1_3_early_data;
location ~ /mattermost/api/v[0-9]+/(users/)?websocket$ {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
client_max_body_size 50M;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_buffers 256 16k;
proxy_buffer_size 16k;
client_body_timeout 60;
send_timeout 300;
lingering_timeout 5;
proxy_http_version 1.1;
proxy_connect_timeout 90;
proxy_send_timeout 300;
proxy_read_timeout 90s;
proxy_pass http://172.17.0.1:8065;
}


location ~ /api/v[0-9]+/(users/)?websocket$ {
location /mattermost {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
client_max_body_size 50M;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_buffers 256 16k;
proxy_buffer_size 16k;
client_body_timeout 60;
send_timeout 300;
lingering_timeout 5;
proxy_connect_timeout 90;
proxy_send_timeout 300;
proxy_read_timeout 90s;
proxy_http_version 1.1;
proxy_pass http://backend;
}


location / {
client_max_body_size 50M;
client_max_body_size 50M;
proxy_set_header Connection "";
proxy_set_header Connection "";
proxy_set_header Host $http_host;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_buffers 256 16k;
proxy_buffers 256 16k;
proxy_buffer_size 16k;
proxy_buffer_size 16k;
proxy_read_timeout 600s;
proxy_read_timeout 600s;
proxy_cache mattermost_cache;
proxy_cache mattermost_cache;
proxy_cache_revalidate on;
proxy_cache_revalidate on;
proxy_cache_min_uses 2;
proxy_cache_min_uses 2;
proxy_cache_use_stale timeout;
proxy_cache_use_stale timeout;
proxy_cache_lock on;
proxy_cache_lock on;
proxy_http_version 1.1;
proxy_http_version 1.1;
proxy_pass http://backend;
}
}


# This block is useful for debugging TLS v1.3. Please feel free to remove this
proxy_pass http://172.17.0.1:8065/mattermost;
# and use the `$ssl_early_data` variable exposed by NGINX directly should you
}
# wish to do so.
map $ssl_early_data $tls1_3_early_data {
"~." $ssl_early_data;
default "";
}
}
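Review bot: The replay protection that the comment on the `ssl_early_data on;` block describes is never actually configured: `$ssl_early_data` is only surfaced to the client via `add_header X-Early-Data $tls1_3_early_data;`, and none of the proxying locations forwards it to the backend, so Mattermost cannot tell a 0-RTT request from a normal one and cannot refuse non-idempotent requests that may have been replayed. Each location that proxies to the backend should carry `proxy_set_header Early-Data $ssl_early_data;` next to the other `proxy_set_header` lines (or 0-RTT should stay off until the backend honours that header). Separately, `proxy_set_header X-Frame-Options SAMEORIGIN;` puts the header on the request sent upstream, not on the response the browser sees, so it gives no clickjacking protection; if that is the intent it belongs in an `add_header X-Frame-Options SAMEORIGIN;` alongside the HSTS header. `ssl on;` is redundant with `listen 443 ssl http2;` and is rejected by recent NGINX releases, and `ssl_stapling_verify on;` presumably needs an `ssl_trusted_certificate` chain to verify OCSP responses — confirm against the NGINX version in use. This rendering interleaves the two sides without markers, so which of these lines are on the new side could not be determined from the page.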